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What is claimed is: 

1 . A method for maintaining security of a computer system, comprising: 
determining an initial system certainty value for the computer system; 

5 providing access to a database of signatures, each signature including a signature 

certainty value; 

receiving data; 

comparing the received data with the database of signatures; 

increasing the system certainty value if the received data does not match a signature in 
10 the database; 

decreasing the system certainty value if the received data matches a signature in the 
database; and 

filtering the data based on the system certainty value and the signature certainty value 
of a signature matching the received data. 

15 

2. The method of claim 1, wherein the data that does not match a signature in the 
database is forwarded to its destination. 

3. The method of claim 1, wherein the increased or decreased certainty value 
20 becomes the initial system value. 

4. The method of claim 1 , wherein the data comprises a packet of data. 
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5. The method of claim 1, wherein the fihering further comprises forwarding the 
data if the signature certainty value is less than the system certainty value; and discarding the 
data if the signature certainty value is less than the system certainty value. 

5 6. The method of claim 5, wherein the step of forwarding further comprises 

generating a message log to indicate that data matching a signature was forwarded. 

7. A system for maintaining computer security, comprising: 

means. for determining an initial system certainty value for the computer system; 
10 means for providing access to a database of signatures, each signature including a 

signature certainty value; 

means for receiving data; 

means for comparing the received data with the database of signatures; 

means for increasing the system certainty value if the received data does not match a 
1 5 signature in the database; 

means for decreasing the system certainty value if the received data matches a 
signature in the database; and 

means for filtering the data based on the system certainty value and the signature 
certainty value of a signature matching the received data. 

20 

8. The system of claim 7, wherein the data that does not match a signature in the 
database is forwarded to its destination. 
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9. The system of claim 7, wherein the increased or decreased certainty value 
becomes the initial system value. 

10. The system of claim 7, wherein the data comprises a packet of data. 

5 

1 1 . The system of claim 7, wherein the means for filtering further comprises means 
for forwarding the data if the signature certainty value is less than the system certainty value; 
and discarding the data if the signature certainty value is less than the system certainty value. 

10 12. The system of claim 11, wherein the means for forwarding further comprises 

means for generating a message log to indicate that data matching a signature was forwarded. 

13. A computer recording medium including computer executable code for 
maintaining security of a computer system, comprising: 
1 5 code for determining an initial system certainty value for the computer system; 

code for providing access to a database of signatures, each signature including a 
signature certainty value; 

code for receiving data; 

code for comparing the received data with the database of signatures; 
20 code for increasing the system certainty value if the received data does not match a 

signature in the database; 

code for decreasing the system certainty value if the received data matches a signature 
in the database; and 
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code for filtering the data based on the system certainty value and the signature 
certainty value of a signature matching the received data. 

14. The computer recording medium of claim 13, wherein the data that does not 
5 match a signature in the database is forwarded to its destination. 

15. The computer recording medium of claim 1 3, wherein the increased or decreased 
certainty value becomes the initial system value. 

10 16. The computer recording medium of claim 13, wherein the data comprises a 

packet of data. 

17. The computer recording medium of claim 13, wherein the code for filtering 
further comprises code for forwarding the data if the signature certainty value is less than the 

15 system certainty value; and discarding the data if the signature certainty value is less than the 
system certainty value. 

18. The computer recording medium of claim 17, wherein the code for forwarding 
further comprises code for generating a message log to indicate that data matching a signature 

20 was forwarded. 
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